Slashdot videos: Now with more Slashdot!

View

Discuss

Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

DavidGilbert99 writes "LulzSec's star burnt brightly in the short period it was active, but things quickly turned sour when its core members began getting arrested. Last week three of the six core members were sentenced in the UK, but this only served to highlight the fact that one member of the group, known as Avunit, has been able to remain unidentified despite the FBI having turned the group's leader Sabu into an informant. Who is Avunit? And does he hold the purse strings of the group's Bitcoin wallet which could have up to $180,000 in it?"
As usual, be warned of the horrendous autoplaying video ads surrounding good content at the primary link.

Typical American. Oblivious to the social engineering surrounding him at ever living second of his life.

He linked to them, *because that makes him money*! Remember: Slashdot nowadays is an *advertisement* website. There is no such thing as a real actual article. He wrote that, not to warn you, but to make you more accepting towards those ads. Seems like it worked.

Another thing about bitcoin: they are trackable. Hard to track, but as I understand it's possible, as every single transaction is logged by the network, and that it is possible to track down the whereabouts of every single bitcoin at every moment in the past since it was mined.

They received some 3,000 bitcoins in donations back in the day, can't those bitcoins be traced to a certain wallet? And - related - can they (or the wallet itself) be anyhow confiscated?

Now I'm the first to admit I still don't really understand the intricacies of bitcoin - my understanding is mostly from reading about it here and on other sites. So I may be totally off, if anyone knows better I'd love to hear.

You can't confiscate them but you can track them if you know the history of some of the bitcoins in their possession. Problem is that there's nothing stopping someone from passing those bitcoins through a thousand anonymous parties connecting over Tor then trading them with others for other bitcoins before cashing them out or exchanging them for something.

In this case it's a donation - and I for one would want to make a donation directly to the cause, not via some shady individuals (now in this case the cause itself is shady as well of course). Just to have the feeling that my donation arrives where it's supposed to arrive, and that it's used for what it's supposed to be used.

Now when this avunit guy is going to spend the coins, that's again a different matter. However the suggestion is that little to no of the donations have been spent, and that he's hoardi

It's simplier to launder coins. You move them to one of the many exchanges that keep coins in a common pool. Then you withdraw coins to a new address - chain is broken. Bounce around to a few exchanges in different countries. That's the easy way, there are even services specifically designed for laundering.

You can have as many wallets as you like and a wallet can generate as many "addresses" as you want to receive money on. Outsiders have no idea that two distinct Bitcoin destinations aren't in fact the same wallet.

Additionally, only the network as a whole really knows where the transactions are coming from, an individual Bitcoin user doesn't (otherwise it would be pointless!). It's peer-to-peer so somewhere, some peer knows what IP generated that transaction. But without having control of a vast proportion of the whole network, down to the IP level, there's no way to reliably trace anything back to a "real" IP, person, wallet.

Transactions are logged. But with wallet addresses. And you can tell what wallet addresses should have how much money in each. But you can't tell which wallet addresses are the same address, nor where they come from, nor who owns them. A transaction will just appear in the blockchain and come from several thousand peers almost simultaneously who share the information across the network and even the first one on the list isn't necessarily the client who first saw the transaction.

And those clients are private peer-to-peer clients. If my client was the first to see your transaction, you'd have to raid ME to get the IP information from my systems - and what are the chances of a random Bitcoin user having full network traces of all the actions on their network, going back to the transaction you're interested in, by the time you find them?

Transactions are basically sent to random people in the swarm. They talk to more random people and eventually the network all sees the transaction. Finding out which Bitcoin address first saw the transaction is nigh-on impossible even with complete knowledge. Raiding them and finding information on their systems that links back that transaction to an originating IP is incredibly unlikely even if you could do that. And if they used Tor or a proxy to initiate the transaction? You're stuffed.

Even collection of funds? They can publish any number of Bitcoin wallet addresses that secretly correspond to a single wallet and anyone who sends them money will NEVER KNOW where it's going. The transaction goes into the swarm and after a while, all clients agreed that wallet address X has amount Y in it. The total wallet, though, might have several million addresses associated with it and even the last client on the route to informing that wallet of a received transaction won't ever know that it's talking to the wallet holder.

No matter what you think of it as a currency, Bitcoin is a fabulously-designed anonymous transaction protocol. About the only threat is one entity holding 50% of the hashing power, but that just gives them the power to control the block chain, not identify users.

As a matter of fact I never directly used Bitcoin. I don't exactly trust it as a currency and for various reasons I don't think this is the future; however I find the concept very interesting from a technical pov. As you say it's a very well designed protocol, no doubt about that.

Well we use to have banking privacy. Banks knew who had the account, but your transactions were secret unless there was evidence of a crime in which case the bank could be forced to hand over the details.

Then as an anti-laundering measure, the data was given to SWIFT, and recorded by them, but that was OK because SWIFT was owned by the banks and would only turn over the data if evidence of a crime existed as they were under Belgian law.

Then the USA grabbed all of SWIFT's data post 9/11 deciding they should see every transaction made in the world.

Then the EU Commission *gave* them the right to receive all EU future data, after SWIFT moved their head quarters and servers from USA to Switzerland. So now the EU obtains the data from SWIFT and sends it to the USA.

Then the USA extracted some data related to tax havens, like British Virgin Islands and handed that to the press and gave all the rest of that data to UK and Australia. At the same time using the press stories to market the 'tax evasion' angle, and override the fact that a lot of privacy laws were broken when they handed private banking data to their allies.

So watch Bitcoin, because they'll declare Bitcoin trackable, and require forced declaration of all transactions to the USA. If you imagine they won't, take a look at SWIFT, if I send money from Belgium to Germany, the record is taken and handed to the USA, and that's despite the privacy law in the EU, and the criminal privacy law in Belgium and the financial privacy law in Germany.

At some point we all became criminals here in Europe, and the EU Commission decided it had the right to waive privacy, and we see 'leaks' of data on 'certain' politicians, but not others, as the USA gets to pick and choose who can be a politician by leaking their banking data to their allies.

Given that I'm on a geek website, I was expecting a flurry of corrections, actually. Maybe Slashdot isn't the geek hangout that I thought any more. Maybe we're all just naysayers following everyone else because "Bitcoin is stupid" or whatever.

I've barely looked into Bitcoin myself and don't mine and wouldn't come close to some of the insane setups I've seen documented for mining even if I did.

Normal people don't stare at Fox News all day and think that everyone outside of the status quo is a raving lunatic either. A very large portion of "normal" people smoke pot in America, as do people who enjoy "deviant" sex. (Not defending child molesters here, but "sexual deviant" is a grossly misused term whose definition only exists inside the speakers mind. To some, anything outside of missionary sex through a hole in a sheet is deviant.)

They received some 3,000 bitcoins in donations back in the day, can't those bitcoins be traced to a certain wallet?

You can trace bitcoins to certain wallet easily by inspecting the blockchain (public log of all bitcoin transactions). The problem is, you usually can't find to whom does the wallet belong. If the bitcoins were send trough some kind of mixing/anonymising service which doen't keep track of real-world identities of its users, you are usually out of luck.

And - related - can they (or the wallet itself) be anyhow confiscated?

The wallet can be confiscated (or bitcoins could be transfered out of it) if you know the private keys stored in the wallet. This is very hard unless you have

Hard? Nah they are easy to "track", the problem is, the tracking pretty much relies on someone being a bit careless.

Thing is, every bitcoin address is a public key, so they are anonymous, anyone can generate a new address. So each new transaction, to a new account, is nearly impossible to "track". You just don't know if the coins changed hands or not, nor do you know which one.

Lets say there are X bitcoins in account A. A new transaction is generated sending Y bitcoins to account B and Z bitcoins to account

Given the general leakyness of the Lulzsec "organisation", this person has done well to remain unidentified.

This's pretty much how Anonymous in total have been characterized from the beginning; < 10 "smart cookies" surrounded by thousands of LOIC armed script kiddies, and everyone including the fibbies gets to have a fun time.

Maybe he is fictive? Number three pigs '1', '2', and '4'. And laugh your ass off as the police search pig number 3 for months if not years.

Multiple aliases are better to remain anonymous. When the author is found, there is no way to know if all his aliases are discovered. Undiscovered aliases could be confused as a other person. Even if someone confess there is a sixth person it could be misinformation or plain ignorance.

Which would imply the account is hacked. I mean, I'm assuming that the individual who set up the account is the AvunitAnon they're looking for - the LulzSec member. It is at least treated as "official" communication channel with that person in the articles. Twitter accounts require a password, in contrast to a typical IRC chatbox where anyone can log in, using any name.

Now with the skills he's shown elsewhere, I'd expect he'd secure his Twitter account as good as technically possible, and I think it being h

The story about this in The Register talks about an IRC chat with someone claiming to be AVunitAnon, after which the Twitter user with that name reacted to that, claiming that IRC user was an imposer and not the real one. That's not something a bot can do.

Nice, that would actually be kind of fun. Always make reference to some member ("Dave") of your group who is the real mastermind behind all of your acts of infamy, then take turns performing various actions in his name. When they come to arrest all of you, offer to turn King's Evidence, and help them catch "Dave," who, after they read through your logs, etc. they will really want. In the final scene, lead them to an apartment filled with weaponry, half-finished pamphlets calling for a revolution against the

There's a more likely reason he hasn't be identified. I'd bet Avunit was caught first and outed or helped out Sabu and the others in exchange for no jail time and not being publicly named. If you think about it Sabu doesn't appear to have gotten much of a break for helping the FBI, the best offers would go to the first turncoat... Avunit.
But maybe I'm wrong, perhaps he really is that good.

If I were to engage in such hacking activity, I'd not use my home/office ISP. Always use some open WiFi, an Internet cafe, Starbucks, whatever.

Maybe even an anonymous prepaid SIM (paid in cash, thethering through a phone bought second hand in cash). And after the SIM is empty/expires, buy a new one and trade in the phone for another one. And again do not use the phone at home, but always on the move, sitting in some random park, etc.

That should take care of the direct-connecting-it-to-a-person part. But in

I'm sure there was supposedly some dude in Lulzsec who was ex-military.I'm not sure if he was one of the ones caught or not. But that is all I know sadly.Mind you, I could be thinking of someone else, I never did pay much attention to their attention-whoring.

To have been able to evade capture this long, he is either very smart, or doesn't exist. Or both.He could just be a ghost, a codename, something agreed upon that is lost to time used to tric

Why can't browsers tell me which tab or window (let alone frame etc) is playing sound and also offer a way to disable it? It's cause their customers are doing it. Oh well, I woulda expected better from Firefox.

Safe, not. The site does not bring the ads themselves, some external ad broker does this. And with many well known ad companies compromised, no matter how well you trust the site and it's webmaster, I doubt there is any ad network that can really be trusted.

an FBI agent provocateur responsible for directing this false flag operation to discredit online "hacktivism" everywhere. Look at the changed opinions on slashdot of "anonymous" before and after Lulzsec.

To anyone with any level of maturity "hacktivists" come across as nothing more than immature glory hunters trying to get noticed as they attempt to stick it to The Man and who simply make life difficult for the 99.999% of normal internet users who just want go about their fscking business without some teenager going through the standard issue rebellious phase trying to DDOS some corp because in his tiny mind he's making some highly original and deeply profound protest.

Not really. I thought anonymous were a bunch of jackasses from the start. Its hard to take seriously a bunch of kids who wear the mask of a character from a comic - sorry , "graphic novel" - in an attempt to seem mysterious and ineffable. The irony was obvious lost on them.

That is, the real-world version of HOLMES IV's Mycroft. And the NSA's playing right into his hands, so to speak, by building that fantastic new processing center with direct access to all communications and data.Watch out for falling rocks!